Skip to content

Commit

Permalink
Merge pull request SAML-Toolkits#345 from pkarman/multiple-authn-context
Browse files Browse the repository at this point in the history 
Support multiple settings.auth_context
  • Loading branch information
@pitbulk
pitbulk authored Jul 28, 2016
2 parents 7d48ca8 + 9c10696 commit 709b4c0
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 2 deletions.
5 changes: 5 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,11 @@ def saml_settings
# Optional for most SAML IdPs
settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
# or as an array
settings.authn_context = [
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
"urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
]
# Optional bindings (defaults to Redirect for logout POST for acs)
settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Expand Down
7 changes: 5 additions & 2 deletions lib/onelogin/ruby-saml/authrequest.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,8 +136,11 @@ def create_xml_document(settings)
}

if settings.authn_context != nil
class_ref = requested_context.add_element "saml:AuthnContextClassRef"
class_ref.text = settings.authn_context
authn_contexts = settings.authn_context.is_a?(Array) ? settings.authn_context : [settings.authn_context]
authn_contexts.each do |authn_context|
class_ref = requested_context.add_element "saml:AuthnContextClassRef"
class_ref.text = authn_context
end
end
# add saml:AuthnContextDeclRef element
if settings.authn_context_decl_ref != nil
Expand Down
7 changes: 7 additions & 0 deletions test/request_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -152,6 +152,13 @@ class RequestTest < Minitest::Test
assert_match /<saml:AuthnContextClassRef>secure\/name\/password\/uri<\/saml:AuthnContextClassRef>/, auth_doc.to_s
end

it "create multiple saml:AuthnContextClassRef elements correctly" do
settings.authn_context = ['secure/name/password/uri', 'secure/email/password/uri']
auth_doc = OneLogin::RubySaml::Authrequest.new.create_authentication_xml_doc(settings)
assert_match /<saml:AuthnContextClassRef>secure\/name\/password\/uri<\/saml:AuthnContextClassRef>/, auth_doc.to_s
assert_match /<saml:AuthnContextClassRef>secure\/email\/password\/uri<\/saml:AuthnContextClassRef>/, auth_doc.to_s
end

it "create the saml:AuthnContextClassRef with comparison exact" do
settings.authn_context = 'secure/name/password/uri'
auth_doc = OneLogin::RubySaml::Authrequest.new.create_authentication_xml_doc(settings)
Expand Down

0 comments on commit 709b4c0

Please sign in to comment.